‘Olympic Destroyer’ malware targeted Pyeongchang Games: Firms

(Reuters) — Several U.S. cyber security firms said on Monday that they had uncovered a computer virus dubbed “Olympic Destroyer” that was likely used in an attack on Friday’s opening ceremony of the Pyeongchang Winter Games.

Games organizers confirmed the attack on Sunday, saying that it affected internet and television services but did not compromise critical operations. Organizers did not say who was behind the attack or provide detailed discussion of the malware, though a spokesman said that all issues had been resolved as of Saturday.

Researchers with cyber security firms Cisco Systems Inc., CrowdStrike and FireEye Inc. said in blog posts and statements to Reuters on Monday that they had analyzed computer code they believed was used in Friday’s attack.

All three security companies said the Olympic Destroyer malware was designed to knock computers offline by deleting critical system files, which would render the machines useless.

The three firms said they did not know who was behind the attack.

“Disruption is the clear objective in this type of attack and it leaves us confident in thinking that the actors behind this were after embarrassment of the Olympic committee during the opening ceremony,” Cisco said in its blog.

The attack took the Olympics website offline, which meant that some people could not print out tickets and WiFi used by reporters covering the games did not work during the opening ceremony, according to Cisco.

Drones that were intended to be used in the program failed to deploy, prompting organizers to insert prerecorded footage of the drones in global telecasts.

It was not immediately clear if the issue with the drones was caused by the cyber attack.